Wednesday, March 28, 2012

India Waking Up To Encryption Realities

Indian companies are adopting many technological methods to streamline their production and efficiency. While these methods can bring cost economy and production efficiency yet these technologies must be used in such a manner that they do not violate the laws of India.

For instance, the virtualisation, cloud solutions and encryption usage in India is subject to many laws like the cyber law of India incorporated in the information technology act 2000 (IT Act 2000), privacy laws, data protection and data security laws, etc. Cyber law due diligence in India is now well established and websites, companies and individuals must ensure the same in their own interests.

According to Praveen Dalal, managing partner of Perry4Law and leading techno legal expert of Asia, we have no dedicated Encryption Laws in India. Since this is a very crucial issue, Indian Encryption Policy must be formulated as soon as possible. Realising that Encryption Policy of India is needed, India is now considering formulating the same, informs Dalal. The proposed Encryption Policy plans to increase the encryption strength from 40 bits to 128 Bits, informs Dalal.

The new encryption policy would be announced by the Department of Information Technology (DIT) and it intends to strengthen the online and cyber security standards in India. However, this move may make the law enforcement agencies and intelligence agencies of India nervous as they are not comfortable with high encryption levels.

However, a Higher Encryption Level would strengthen E-Commerce in India as online sales, purchases and payments in India could then be made in a more “Secure” manner, suggests Praveen Dalal. For instance, Online Shopping in India has certain Legal and Cyber Security Issues that must be resolved before launching any Online Payment or E-Commerce Platform, informs Dalal.

India has so far failed to maintain a balance between national security, civil liberties and commercial requirements. Even a matter is pending before the Supreme Court of India where it would try to reconcile the Mobile Verification and National security Requirements in India, informs Dalal.